Request a demo

Okta - Complete Access Management

The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more.

Employee Authentication

How can I facilitate remote working without relaxing security?

An increasing number of organisations are supporting distributed, remote teams. While remote-work policies allow for increased flexibility, there are unique access and security considerations that are inherent to mobile and remote work. Remote work reduces the effectiveness of a network-based security perimeter. Because of this, Okta takes a Zero Trust approach to security, which means it leverages identity and access management to help IT teams enable secure access to resources — including cloud apps, on premises and custom apps, VPNs, APIs and infrastructure — from anywhere, at anytime, and all without compromising on security or usability. Technologies like single sign-on (SSO) simplify access across all services for end users and help IT teams roll out critical remote work apps quickly and securely. In addition, we strongly encourage organisations to add a supplementary layer of security to all user accounts in the form of multi-factor authentication (MFA). Additional factors can take many forms, like security questions and SMS one-time passwords, but we recommend using strong factors like mobile authenticator apps and biometrics.

How do I enable employees to work from home, without any solutions already in place?

Enabling remote access doesn’t have to mean a complete replacement of your existing IT stack. Cloud SSO and MFA should be leveraged alongside your existing investments to enhance security and make it easier for employees to access services remotely. A single cloud-based SSO and MFA solution for all applications, on-prem and in the cloud, can greatly improve end user experience and simplify security policies for organizations supporting hybrid IT. At Okta, we offer thousands of out-of-the-box integrations to key remote work SaaS tools such as video conferencing, chat and document collaboration apps, as well as VPNs so IT teams can quickly deploy new services or enable access to those services outside of the four walls of the office. Additionally, our team has made investments to secure access to on-prem apps and protect your hybrid cloud, without changing how your apps work today.

How do I onboard temporary support staff?

Onboarding experiences are critical to a new employees’ ability to succeed in their job and these experiences shouldn’t suffer just because an employee is remote or temporary. One key aspect of a positive day one experience for a new hire is ensuring they have access to the right applications to do their job. By automating provisioning for key applications, IT can ensure new hires have the right applications they need to get up and running. This is especially important in remote scenarios where new hires may not have immediate access to a helpdesk. And, when their projects are completed, IT can also automate off-boarding of those support staff so that IT teams aren’t left open to security vulnerabilities caused by latent access to resources. Creating a single, up-to-date source of truth is key to ensuring timely and accurate provisioning. Most organisations today use legacy on-prem directory solutions, like LDAP or AD as their primary user store. While we recommend the HR system should serve as the source of truth for employee information, when it comes to urgently supporting a remote workforce, standing up HR-as-a-Master may not be feasible. In those cases, we recommend creating a single source of truth by integrating legacy directories into a modern directory, like Okta’s Universal Directory to quickly support provisioning automation. Organizations are often hesitant to add temporary workers or contractors to legacy directories like Active Directory as doing so exposes the user to far more access than they need to do their job. For these scenarios, consider using Okta’s Universal Directory, or another IDaaS provider, as the system of record.

How easy is this to deploy?

The Okta Identity Cloud can help organisations provide secure access for much-needed remote work services such as video conferencing, document collaboration, VPNs and more quickly and with out-of-the-box integrations and documentation for admins. Additional needs such as automating provisioning for apps, configuring a robust authentication policy engine using Okta’s Adaptive MFA, or providing remote access to on-prem resources can take more time to deploy.

Customer Authentication

How do I ensure ID verification remotely, without compromising security?

ID verification, resolution and validation are key steps in any customer identity enrolment step. Organizations that need to comply with NIST 800-63a(USA), DIACC (Canada), eiDAS need specific technical and identity assurance requirements.

In-order to meet the broad scope of identity proofing regulation and business needs, a flexible identity platform that makes integration with any identity proofing vendors of your choice a seamless effort is critical. Customers should be able to leverage any identity proofing vendor and integrate the identity proofing step into the Okta platform. In order to make integration a seamless effort Okta partners with leading ID proofing vendors around the world including Experian, Jumio, Accuvant, Evident etc. These ID proofing vendors can validate an existing identity or run verification steps including document verification, liveness detection, digital verification, support digital wallets (BYO Identity) etc. The flexibility of the platform to integrate with an id proofing vendor of your choice and the ability to offer pre-built integrations with a number of vendors allows you to ensure remote ID verification without compromising security for enrolment or even credential recovery

How do I validate a digital identity with social distancing and hygiene factors in place?

In the age of social distancing, contactless identity proofing – in order to minimize human interaction while keeping the identity proofing step as secure and scalable as possible is a critical capability for organizations. In this new reality, organizations will likely depend on Identity proofing methods that can be done without a user physically handing over a document. This can be achieved in a few ways:

  1. Document verification via document uploads
  2. Liveness and real-time user validation using tele-presence
  3. Identity resolution from national identity systems (who have already verified the user and offer a high level of identity assurance)
  4. Leveraging existing social identity
  5. Digital wallet systems

Most modern id-proofing systems support one or more of these verification systems

How do I remotely onboard new customers?

Remote on-boarding of customers’ needs to accomplish the following goals:

  • Perform core identity services such as verification, enrolment and authentication onto different banking applications such as mobile, web and core banking
  • Perform key banking functions such as customer KYC

Organizations can leverage service functions such as progressive profiling that enable you to capture all user data that can be used for on-boarding.

For factor enrolment, giving users pre-built flows that allow them to on-board any credential acceptable to the bank to help with user onboarding.  Additionally, self-service password reset, and even enabling authentication using a magic link assigned to a user during enrolment can ease the burden associated with on-boarding new users to digital platforms.

Another strategy that be used by disruptor banks is make on-boarding easier is to consider partnering with third party organizations that leverage an API model, e.g. integrating with a 3rd party financial service provider will allow the user to on-board using existing user profile information. Thereby reducing the on-boarding experience to a few simple clicks.

Contact Details

For more information, please contact Kim Veerbeek at kim.veerbeek@okta.com

COVID-19 Response

Okta for Emergency Remote Work solution (no cost SSO/MFA for organizations that need support during this time of crisis): www.okta.com/okta-for-emergency-remote-work

Covid 19: What the tech industry is doing to help
Covid 19: What the tech industry is doing to help
Covid 19: What the tech industry is doing to help
Featured BlogAlign Interview: Investor Mike Powell on the journey from startup idea to product companies buy

Mike Powell, looks for companies that “have a tailwind behind them, a tipping point where things are changing in the favour of the technology or the company.”